Managing your IT and cyber security incidents

Accidents happen. So do malicious attacks. According to the 2014 Information Security Breaches Survey, commissioned by the Department for Business, Innovation and Skills, more than half of all UK SMEs suffered a serious cyber security incident in 2013.

The best way to prevent an incident becoming a disaster is to plan ahead. Your business needs strategies for:

  • data backup and restore 
  • replacing failed hardware
  • dealing with serious incidents.

Backup and recovery

Important data should be backed up regularly. If you have data servers, you can buy software that will automatically create backup copies. If your business operates several computers, manually backing up each week to CD or removable drive may be sufficient.

Crucially, backing up must take place regularly. You should also regularly test whether you can retrieve data from backup. Be wary of storing data in unauthorised places. Remember, if data is lost or damaged – it’s gone forever.

Hardware failure

IT hardware changes quickly, so if you need to replace equipment following a failure it might not be able to run your existing software, while you might need time to sort out configuration or licensing issues. Plan for such hardware problems. If possible, replace old equipment before risk of serious problems increases.

If possible, have contingency equipment available. You could keep hardware when it is replaced, to provide some cover should newer equipment need repairing. And keep the security software on the old equipment licensed if you want to limit the chances of suffering further malicious attack.

Serious incidents

A recoverable problem can quickly become a disaster if you’re not careful, which is why you and your employees must know exactly what to do if a serious security breach happens. Having documented guidance, clearly understood by all staff members, is essential – even if it tells you to do nothing until professional technical support arrives.

If you fall victim to a serious malicious incident, even if you can identify the culprit, don’t take action that could hinder or jeopardize subsequent action by law enforcers. Better to call the police immediately, because they have specialist cyber units that can help you. Learn lessons and make changes so you are better protected and better able to react in the future. If additional hardware or software would have provided better protection, buy it, budget permitting. Seek expert advice if in any doubt.

Consider all possible effects a cyber security breach could have on your business and create a plan to ensure your business can continue to operate should the worst happen. This is called contingency planning, of course, which is key to effective business continuity management.